Ameet Dhillon

Broom wiping zero and ones | FirmGuard SecureWipe

FirmGuard^®SecureWipe securely erases endpoint HDD, SSD, and other mass storage devices

March 18, 2024

SecureWipe is a FirmGuard feature that securely erases endpoint HDD, SSD, and other mass storage devices. It is triggered remotely from the FirmGuard Portal and forensically erases all data and partitions independent of the operating system (OS).

PixieFail UEFI Flaws Expose Millions of Computers

January 18, 2024

Reference Article
Multiple security vulnerabilities have been disclosed in the TCP/IP network protocol stack of an open-source reference implementation of the Unified Extensible Firmware Interface (UEFI) specification used widely in modern computers.

LogoFAIL Can Lead to Denial-of-Service Attack or Worse

December 7, 2023

CVE-2023-5058
A new firmware vulnerability called “LogoFAIL” has been disclosed. The flaw exists in the processing of user-supplied splash screen during system boot, which can be exploited by an attacker.

High Severity Vulnerability in HP PC BIOS

June 20, 2023

HP Bulletin | CVE-2023-26299

HP discovered a potential vulnerability in the BIOS of certain HP PC products that use AMI UEFI Firmware.

Read More »

High Severity Vulnerability in Acer Notebook Devices

June 15, 2023

Acer Article | CVE-2022-4020

A vulnerability has been discovered in the HQSwSmiDxe DXE driver on some consumer Acer Notebook devices, which may allow an attacker with elevated privileges to modify UEFI Secure Boot settings by modifying an NVRAM variable.

Read More »

The BlackLotus Campaign

April 11, 2023

Microsoft Incident Report | CVE-2022-21894

In April 2023, cybersecurity researchers at Microsoft identified a dangerous UEFI bootkit (CVE-2022-21894), dubbed “BlackLotus”. It operates at computer startup, compromising systems and disabling OS security mechanisms.

Read More »

High Severity Vulnerability in Acer Aspire E5-475G BIOS

February 16, 2023

CVE-2022-40080

A stack overflow vulnerability has been found in the BIOS firmware of Aspire E5-475G laptops, which can allow local attackers to execute arbitrary code and gain escalated privileges during the boot process.

Read More »

CosmicStrand: The Discovery of a Sophisticated UEFI Firmware Rootkit

July 25, 2022

Reference Article
CosmicStrand appears to be the work of an unknown Chinese-speaking threat actor.

Read More »

MoonBounce: Chinese Group Deploys MoonBounce Implant in UEFI Firmware

January 21, 2022

Reference Article

The highly targeted attack reveals a new level of sophistication in attacks against UEFI firmware.

Read More »

ESPecter: UEFI Bootkit that targets EFI System Partition (ESP)

October 5, 2021

ESET discovered a UEFI bootkit they call “ESPecter” which is so named because it targets the EFI System Partition (ESP).

Read More »

WHO WE SERVE

THE FIRMGUARD PLATFORM

SecureCheck

SecureConfig

SecureUpdate

SecureWipe

SecureSense

SecureBeat

FIRMGUARD CASE STUDY

RESOURCES

FEATURED ON THE BLOG

FirmGuard^®SecureWipe securely erases endpoint HDD, SSD, and other mass storage devices

PixieFail UEFI Flaws Expose Millions of Computers

LogoFAIL Can Lead to Denial-of-Service Attack or Worse

High Severity Vulnerability in HP PC BIOS

High Severity Vulnerability in Acer Notebook Devices

The BlackLotus Campaign

High Severity Vulnerability in Acer Aspire E5-475G BIOS

CosmicStrand: The Discovery of a Sophisticated UEFI Firmware Rootkit

MoonBounce: Chinese Group Deploys MoonBounce Implant in UEFI Firmware

ESPecter: UEFI Bootkit that targets EFI System Partition (ESP)